DOCSLIB.ORG

What a Tangled Web We Weave: Understanding the Interconnectedness of the Third Party Cookie Ecosystem

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
What a Tangled Web We Weave: Understanding the Interconnectedness of the Third Party Cookie Ecosystem What a Tangled Web We Weave: Understanding the Interconnectedness of the Third Party Cookie Ecosystem Xuehui Hu Nishanth Sastry King’s College London King’s College London, UK London, UK University of Surrey, UK [email protected] [email protected] ABSTRACT KEYWORDS When users browse to a so-called “First Party” website, other third Container Identity, Third Party Cookie parties are able to place cookies on the users’ browsers. Although ACM Reference Format: this practice can enable some important use cases, in practice, these Xuehui Hu and Nishanth Sastry. 2020. What a Tangled Web We Weave: third party cookies also allow trackers to identify that a user has Understanding the Interconnectedness of the Third Party Cookie Ecosys- visited two or more first parties which both share the second party. tem. In 12th ACM Conference on Web Science (WebSci ’20), July 6–10,2020, This simple feature been used to bootstrap an extensive tracking Southampton, United Kingdom. ACM, New York, NY, USA, 10 pages. https: ecosystem that can severely compromise user privacy. //doi.org/10.1145/3394231.3397897 In this paper, we develop a metric called “tangle factor” that measures how a set of first party websites may be interconnected 1 INTRODUCTION or tangled with each other based on the common third parties used. It is common knowledge that cookies are placed in a user’s browser Our insight is that the interconnectedness can be calculated as the when they visit a website. The websites that the users visit are chromatic number of a graph where the first party sites are the called first party websites (FPs). Although some of these cookies nodes, and edges are induced based on shared third parties. are placed by FP domains, many are placed by third party affiliates We use this technique to measure the interconnectedness of (TPs) of the first party sites, for reasons such as advertising, orana- the browsing patterns of over 100 users in 25 different countries, lytics. Examples include advertising networks such as adnxs.com, through a Chrome browser plugin which we have deployed. The amazon-adsystem.com and doubleclick.net, analytics platforms users of our plugin consist of a small carefully selected set of 15 such as google-analytics.com, or social media trackers such as test users in UK and China, and 1000+ in-the-wild users, of whom Facebook and Twitter. 124 have shared data with us. We show that different countries Such TPs have proved to be an extremely powerful method for ag- have different levels of interconnectedness, for example China has gregating users’ browser histories – for example, a TP that appears a lower tangle factor than the UK. We also show that when visiting on both https://www.bbc.com, and https://www.nytimes.com the same sets of websites from China, the tangle factor is smaller, is able to infer that a user visited both sites, and therefore can infer due to blocking of major operators like Google and Facebook. that the user might be someone who is interested in news and We show that selectively removing the largest trackers is a very current affairs. An important motivation for such detailed profiling effective way of decreasing the interconnectedness of third party of users is that it can lead to more “targeted” advertisements, which websites. We then consider blocking practices employed by privacy- are much more profitable. For instance, recent research shows that conscious users (such as ad blockers) as well as those enabled by right-leaning hyperpartisan websites in the US use more sophis- default by Chrome and Firefox, and compare their effectiveness ticated and more intensive tracking techniques and are therefore using the tangle factor metric we have defined. Our results help able to command higher prices than left-leaning websites [3]. quantify for the first time the extent to which one ad blocker is As advertisers’ demand for detailed profiles continues to grow, so more effective than others, and how Firefox defaults also greatly does the sophistication of third party tracking technologies. Users help decrease third party tracking compared to Chrome. and many browsers have responded with new technologies to safe- guard user privacy. Indeed, this has led to an “arms race”, with users CCS CONCEPTS installing ad blockers such as AdBlock Plus[14], uBlock Origin[18] • Security and privacy ! Web application security; Social net- and Ghostery[9], and certain websites (e.g., memeburn.com, english- work security and privacy. forum.ch) responding with anti ad-blocking technology[31, 37, 46] that refuse to deliver content unless users unblock ad blockers whilst visiting their sites. Permission to make digital or hard copies of all or part of this work for personal or An important addition to the arsenal of technologies for pre- classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation venting tracking of users is the notion of multi-account containers, on the first page. Copyrights for components of this work owned by others than the often referred to simply as “containers”. Pioneered by Firefox [33], author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or containers are a way to separate different sets of cookies from each republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]. other. Containers were initially intended for providing “contextual WebSci ’20, July 6–10, 2020, Southampton, United Kingdom identities”1, i.e., to create different user identities depending on © 2020 Copyright held by the owner/author(s). Publication rights licensed to ACM. ACM ISBN 978-1-4503-7989-2/20/07...$15.00 1https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Work_ https://doi.org/10.1145/3394231.3397897 with_contextual_identities WebSci ’20, July 6–10, 2020, Southampton, United Kingdom Xuehui Hu and Nishanth Sastry the context of operation. For example, containers allow a user to cleanly separate their work and personal identities on the same browser. Different containers can also be used to login to thesame sites with multiple user ids (for example, users having several email accounts from the same provider can be simultaneously logged in to each of them in different containers). In this sense, containers are similar to other browser extensions such as Multifox [28] or CookieSwap [13] (or the similar Swap my Cookies extension on Chrome [15]). Figure 1: Overlapping first parties which share a third party Firefox containers essentially create a different user profile within tracker must be placed in separate containers, thus the red each container, providing a different database of cookies and stor- and green sites must be separated. The blue website does not 2 age for each . Thus, each container identity is kept separate from share any third parties with either red or green and can be the others, and information such as third party cookies are not placed together with either of them in a container. shared across containers. Firefox suggests [33] that this can be used to also achieve additional privacy, for instance by placing a user’s shopping websites into a separate container from financial websites We calculate the tangle factor by modelling the set of FPs as such as banks and credit cards. nodes of a graph, drawing edges between two FPs when they share Although containers offer a clean way to separate third (and first) one or more TPs. We call this the first party interconnection graph parties from each other by creating different cookie stores, they are (FPIG). Two FPs in the FPIG that share an edge (i.e., share one or only effective if interfering parties are manually placed in separate more TPs) must be therefore placed in separate containers in order containers. Recently, Firefox has come up with add-ons which au- to prevent tracking by the shared TPs. If we assign a colour to each tomatically, or by default, provide protection for one of the most container, and label FPs in the FPIG with the colour of the container prevalent trackers – Facebook. This add-on creates a specialised they are placed in, it is easy to see that the vertex chromatic number container [36] for Facebook. Once installed, it opens Facebook in of the FPIG, i.e., the number of colours needed for nodes or vertices its own container, and the user is logged out of Facebook in other of the FPIG such that neighbouring vertices which share an edge containers, thus automatically preventing Facebook Pixel [35] and are coloured differently, gives the minimum number of containers other tracking by Facebook of users who are logged in. needed to effectively separate that set of FPs. We call this the tangle While a solution for Facebook’s tracking is indeed important as factor of a given set of first party websites. it is widely used on many websites, it is not sufficient, as it does not We apply the Tangle Factor metric to three different sets of offer protection against other third parties. Furthermore, Facebook first party websites. First, we look at the Alexak top- websites for is blocked by the Government in countries such as China, and thus different values of k, and for two different countries, UK and China. 3 is not a major third party in that country [20]. Thus, solutions are Second, we leverage an ongoing user study which developed a needed that work for other important third parties, as well as for Chrome plugin and collected anonymised browsing histories for other country and cultural contexts.
Load more

Recommended publications
  • A Usability Evaluation of Privacy Add-Ons for Web Browsers
    A Usability Evaluation of Privacy Add-ons for Web Browsers Matthew Corner1, Huseyin Dogan1, Alexios Mylonas1 and Francis Djabri2 1 Bournemouth University, Bournemouth, United Kingdom {i7241812,hdogan,amylonas}@bournemouth.ac.uk 2 Mozilla Corporation, San Francisco, United States of America [email protected] Abstract. The web has improved our life and has provided us with more oppor- tunities to access information and do business. Nonetheless, due to the preva- lence of trackers on websites, web users might be subject to profiling while ac- cessing the web, which impairs their online privacy. Privacy browser add-ons, such as DuckDuckGo Privacy Essentials, Ghostery and Privacy Badger, extend the privacy protection that the browsers offer by default, by identifying and blocking trackers. However, the work that focuses on the usability of the priva- cy add-ons, as well as the users’ awareness, feelings, and thoughts towards them, is rather limited. In this work, we conducted usability evaluations by uti- lising System Usability Scale and Think-Aloud Protocol on three popular priva- cy add-ons, i.e., DuckDuckGo Privacy Essentials, Ghostery and Privacy Badg- er. Our work also provides insights into the users’ awareness of online privacy and attitudes towards the abovementioned privacy add-ons; in particular trust, concern, and control. Our results suggest that the participants feel safer and trusting of their respective add-on. It also uncovers areas for add-on improve- ment, such as a more visible toolbar logo that offers visual feedback, easy ac- cess to thorough help resources, and detailed information on the trackers that have been found. Keywords: Usability, Privacy, Browser Add-ons.
    [Show full text]
  • Demystifying Content-Blockers: a Large-Scale Study of Actual Performance Gains
    Demystifying Content-blockers: A Large-scale Study of Actual Performance Gains Ismael Castell-Uroz Josep Sole-Pareta´ Pere Barlet-Ros Universitat Politecnica` de Catalunya Universitat Politecnica` de Catalunya Universitat Politecnica` de Catalunya Barcelona, Spain Barcelona, Spain Barcelona, Spain [email protected] [email protected] [email protected] Abstract—With the evolution of the online advertisement and highly parallel network measurement system [10] that loads tracking ecosystem, content-filtering has become the reference every website using one of the most relevant content-blockers tool for improving the security, privacy and browsing experience of each category and compares their performance. when surfing the Internet. It is also commonly believed that using content-blockers to stop unsolicited content decreases the time We found that, although we can observe some improvements needed for loading websites. In this work, we perform a large- in terms of effective page size, the results do not directly scale study with the 100K most popular websites on the actual translate to gains in loading time. In some cases, there could performance improvements of using content-blockers. We focus even be an overhead to be paid. This is the case for two of the our study on two relevant metrics for measuring the browsing studied plugins, especially in small and fast loading websites. performance; page size and loading time. Our results show that using such tools results in small improvements in terms of page The measurement system and methodology proposed in this size but, contrary to popular belief, it has a negligible impact in paper can also be useful for network and service administrators terms of loading time.
    [Show full text]
  • Whotracks. Me: Shedding Light on the Opaque World of Online Tracking
    WhoTracks.Me: Shedding light on the opaque world of online tracking Arjaldo Karaj Sam Macbeth Rémi Berson [email protected] [email protected] [email protected] Josep M. Pujol [email protected] Cliqz GmbH Arabellastraße 23 Munich, Germany ABSTRACT print users and their devices [25], and the extent to Online tracking has become of increasing concern in recent which these methods are being used across the web [5], years, however our understanding of its extent to date has and quantifying the value exchanges taking place in on- been limited to snapshots from web crawls. Previous at- line advertising [7, 27]. There is a lack of transparency tempts to measure the tracking ecosystem, have been done around which third-party services are present on pages, using instrumented measurement platforms, which are not and what happens to the data they collect is a common able to accurately capture how people interact with the web. concern. By monitoring this ecosystem we can drive In this work we present a method for the measurement of awareness of the practices of these services, helping to tracking in the web through a browser extension, as well as inform users whether they are being tracked, and for a method for the aggregation and collection of this informa- what purpose. More transparency and consumer aware- tion which protects the privacy of participants. We deployed ness of these practices can help drive both consumer this extension to more than 5 million users, enabling mea- and regulatory pressure to change, and help researchers surement across multiple countries, ISPs and browser con- to better quantify the privacy and security implications figurations, to give an accurate picture of real-world track- caused by these services.
    [Show full text]
  • Web Privacy Beyond Extensions
    Web Privacy Beyond Extensions: New Browsers Are Pursuing Deep Privacy Protections Peter Snyder <[email protected]> Privacy Researcher at Brave Software In a slide… • Web privacy is a mess. • Privacy activists and researchers are limited by the complexity of modern browsers. • New browser vendors are eager to work with activists to deploy their work. Outline 1. Background Extension focus in practical privacy tools 2. Present Privacy improvements require deep browser modifications 3. Next Steps Call to action, how to keep improving Outline 1. Background Extension focus in practical privacy tools 2. Present Privacy improvements require deep browser modifications 3. Next Steps Call to action, how to keep improving Browsers are Complicated uBlock PrivacyBadger Disconnect AdBlock Plus Firefox Safari Privacy concern Chrome Edge / IE Browser maintenance experience Extensions as a Compromise uBlock PrivacyBadger Disconnect AdBlock Plus Runtime Extensions modifications Firefox Safari Privacy concern Chrome Edge / IE Browser maintenance experience Privacy and Browser Extensions � • Successes! uBlock Origin, HTTPS Everywhere, Ghostery, Disconnect, Privacy Badger, EasyList / EasyPrivacy, etc… • Appealing Easy(er) to build, easy to share • Popular Hundreds of thousands of extensions, Millions of users Browser Extension Limitations � • Limited Capabilities Networking, request modification, rendering, layout, image processing, JS engine, etc… • Security and Privacy Possibly giving capabilities to malicious parties • Performance Limited to JS, secondary access Extensions vs Runtime uBlock PrivacyBadger Disconnect AdBlock Plus Runtime Extensions modifications Firefox Safari Privacy concern Chrome Edge / IE Browser maintenance experience Under Explored Space uBlock PrivacyBadger Disconnect ? AdBlock Plus Runtime Extensions modifications Firefox Safari Privacy concern Chrome Edge / IE Browser maintenance experience Outline 1. Background Extension focus in practical privacy tools 2.
    [Show full text]
  • Downloading Additional Components of the Webpage
    Towards Seamless Tracking-Free Web: Improved Detection of Trackers via One-class Learning Muhammad Ikramy1, Hassan Jameel Asghary, Balachander Krishnamurthy Mohamed Ali Kaafary, Anirban Mahantiy AT&T Labs–Research, USA 1 School of EET UNSW, Australia y NICTA, Australia Abstract—Numerous tools have been developed to aggressively and tailor advertisements on websites to the browsing history block the execution of popular JavaScript programs in Web and web activities of users [1], [2], [3]. The class of tools browsers. Such blocking also affects functionality of webpages (including web browser plugins), developed in an attempt to and impairs user experience. As a consequence, many privacy preserve user privacy (e.g., NoScript [4], Ghostery [5], and preserving tools that have been developed to limit online tracking, Adblock Plus [6]), aims to block JavaScript programs and other often executed via JavaScript programs, may suffer from poor components of a webpage that may compromise user privacy performance and limited uptake. A mechanism that can isolate JavaScript programs necessary for proper functioning of the and enable tracking. However, aggressive blocking can hinder website from tracking JavaScript programs would thus be useful. proper functioning of the website and impact user’s browsing Through the use of a manually labelled dataset composed of 2,612 experience [7], [8] (See AppendixE for an example of how JavaScript programs, we show how current privacy preserving a tool blocks content necessary for proper website function.). tools are ineffective in finding the right balance between blocking A mechanism that can properly isolate JavaScript programs tracking JavaScript programs and allowing functional JavaScript necessary for “legitimate” web functioning of the website from code.
    [Show full text]
  • General Characteristics of Android Browsers with Focus on Security and Privacy Features
    BÁNKI KÖZLEMÉNYEK 3. ÉVFOLYAM 1. SZÁM General characteristics of Android browsers with focus on security and privacy features Petar Čisar*, Sanja Maravic Cisar**, Igor Fürstner*** Academy of Criminalistic and Police Studies, Belgrade, Serbia, **Subotica Tech, Subotica, Serbia, ***Óbuda University, Bánki Donát Faculty of Mechanical and Safety Engineering, Budapest, Hungary, [email protected], [email protected], [email protected] • Incognito browsing mode - offers real private Abstract —Satisfactory level of security in the use of the browsing experience without leaving any historical Internet in mobile devices depends on several factors. One of data. them is safe browsing. A key factor in providing secure • Using of HTTPS protocol - enforces SSL (Secure browsing is the application of a browser with the appropriate Socket Layer) security protocol (using of certificates) methods applied: clearing cookies, cache and history, ability wherever that’s possible. of incognito browsing, using of whitelists and encryptions and others. This paper presents an overview of the various • Disabling features like JavaScript, DOM (Document security and privacy features used in the most frequently Object Model) storage used Android browsers. Also, in the case of several browsers • Using fingerprinting techniques and types of mobile devices, the use of benchmark tests is Further sections of this paper provide an overview of the shown. Bearing in mind the differences, when choosing a applied security and privacy methods for more popular browser, special attention should be paid to the applied Android browsers. Also, in order to compare the adequate security and privacy features. features of browsers, the use of benchmark tests on different mobile devices will be shown.
    [Show full text]
  • How to Enable Javascript in a Web Browser
    How to enable JavaScript in a web browser To allow all Web sites in the Internet zone to run scripts, use the steps that apply to your browser: Windows Internet Explorer (all versions except Pocket Internet Explorer) Note To allow scripting on this Web site only, and to leave scripting disabled in the Internet zone, add this Web site to the Trusted sites zone. 1. On the Tools menu, click Internet Options , and then click the Security tab. 2. Click the Internet zone. 3. If you do not have to customize your Internet security settings, click Default Level . Then do step 4 If you have to customize your Internet security settings, follow these steps: a. Click Custom Level . b. In the Security Settings – Internet Zone dialog box, click Enable for Active Scripting in the Scripting section. 4. Click the Back button to return to the previous page, and then click the Refresh button to run scripts. Mozilla Corporation’s Firefox By default, Firefox enables the use of JavaScript and requires no additional installation. Note To allow and block JavaScript on certain domains you can install privacy extensions such as: NoScript: Allows JavaScript and other content to run only on websites of your choice. Ghostery: Allows you to block scripts from companies that you don't trust. For more information please refer to mozzila support web page. Google Chrome 1. Select Customize and control Google Chrome (the icon with 3 stacked horizontal lines) to the right of the address bar. 2. From the drop-down menu, select Settings . 3. At the bottom of the page, click Show advanced settings..
    [Show full text]
  • Browser Extension and Login-Leak Experiment
    BROWSER EXTENSION AND LOGIN-LEAK EXPERIMENT IPEN 2017, Vienna Joint work with Nataliia Bielova, Claude Castelluccia Gábor György Gulyás Privatics Team, INRIA http://gulyas.info // @GulyasGG USER TRACKING ON THE WEB 17-06-09 © Gábor György Gulyás 2 The „de-facto” busniess model of the web Advertiser ID=967 User Apples on sale! ID=967 cnn.com 17-06-09 © Gábor György Gulyás 3 Storing the identifier on the client side • Cookies • E-tags – Flash • Last-mod timestamps – HTML5 • HTTP authentication • Caching in files of • HTTP 301 redirect – JavaScript • HSTS caches – CSS – Images (pixel-level) … 17-06-09 © Gábor György Gulyás 4 Browser fingerprinting appears (2010-2012) [3] http://panopticlick.eff.org https://fingerprint.pet-portal.eu • Browser fingerprint • Cross-browser fingp. – Flash/Java required – Device fingerprint (for 95% uniqueness) – No plugins, just JS – Browser dependent – Concept appears later in the wild 17-06-09 © Gábor György Gulyás 5 Fingerprinting penetration (2013-2016) 2013: Alexa TOP 10k. • 20 pages deep • 0,4% adoption (40 sites) • Skype.com, porn and dating • 3 804 less popular sites are tracked Nickiforakis et al.: Cookieless monster: Exploring the ecosystem of web-based device fingerprinting (2013) 2016: Alexa TOP 1M. S. Englehardt, A. Narayanan: Online tracking: A 1-illion-site measurement and analysis (2016) 17-06-09 © Gábor György Gulyás 6 Behavioral fingerprinting You are what you install to you computer? Fonts are good indicators of what is installed. Boda et al.: User Tracking on the Web via Cross-Browser Fingerprinting (2011) Google.com Youtube.com Facebook.com Baidu.com The list of the sites you have Yahoo.com Wikipedia.org visited also describe you well.
    [Show full text]
  • Understanding Ad Blockers
    Understanding Ad Blockers A Major Qualifying Project Submitted to the Faculty of Worcester Polytechnic Institute In partial fulfillment of the requirements for the Degree of Bachelor of Science In Computer Science By _________________________________ Doruk Uzunoglu March 21, 2016 _______________________ Professor Craig E. Wills, Project Advisor Professor and Department Head Department of Computer Science ABSTRACT This project aims to provide useful information for users and researchers who would like to learn more about ad blocking. Three main research areas are explored in this project. The first research area provides general information about ad blocking tools and aims to explore ad blockers from a user’s perspective. The second research area provides analyses regarding third­party sites that appear on popular first­party sites in order to explore the behavior of third­parties. Finally, the third research area provides analyses regarding filter lists, which are sets of ad filtering rules used by ad blocking tools. The third research area aims to convey the differences and similarities between individual filter lists as well as sets of filter lists that form the defaults of ad blocking tools. 1 ACKNOWLEDGEMENTS I would like to thank Professor Craig Wills for advising my project, providing insight, and gathering the popular third­party domains data which I analyzed as part of this project. In addition, I would like to thank Jinyan Zang for sharing the third­party data regarding mobile apps, which they have gathered as part of their 2015 paper named “Who Knows What About Me? A Survey of Behind the Scenes Personal Data Sharing to Third Parties by Mobile Apps.” The data provided by Jinyan Zang was also analyzed as part of this project.
    [Show full text]
  • Internet Privacy Implications Research and Draft
    Internet Privacy Implications A Major Qualifying Project Worcester Polytechnic Institute Submitted to the Faculty of the Worcester Polytechnic Institute in partial fulfillment of the requirements for the Degree of Bachelor of Science. Submitted By: Goncharova, Masha Harnois, Jeffrey Advisors: Wills, Craig PhD Doyle, James PhD May 6, 2021 Abstract Our research focused on understanding the effectiveness of browsers, extensions, mobile applications, and search engines and their protection of user privacy. We ran test cases on the top 100 Alexa sites, using a Fiddler proxy to capture traffic, with certain configurations of tools mentioned to see which ones were efficient in blocking user tracking technologies. We found that Brave and Firefox in Strict mode are the best browsers in terms of tradeoff between percent of websites with degradation versus percent trackers remaining. uBlock Origin, Ghostery and Privacy Badger are the best browser extensions in terms of the same tradeoff. Based on our results, we created a recommendation system using a survey approach. We suggest a combination of tools that are personalized to users based on their reported privacy preferences and desire to switch their current browsing setup. In order to better understand users’ views on privacy, we additionally showed participants their own data Google has synthesized about them to evaluate if that would change their responses. A ceiling effect appeared in our responses, indicating that no matter the condition, all our participants indicated a willingness to switch to the tools that we were recommending. 1 Table of Contents Abstract 1 Table of Contents 2 List of Tables 6 List of Figures 7 Double Major Note 9 1.
    [Show full text]
  • Cross-Website Tracker Visualization Extension
    Visualizing Trackers Found in Browsing Data Using Privacy Badger Aryan Srivastava Ragna Agerup William Kuenne Brown University Brown University Brown University Abstract It has become increasingly difficult for an average person Thus, our goals are as follows: to understand how their data is being used on the internet. 1. Provide transparency and educate users in how tracking On average, 79% of websites globally are secretly tracking online works, even for those who are not confident tech- you [5]. At the same time, Google is tracking you on 86% of savvy people. the 50,000 most common websites across the globe [7]. Both these examples paint a picture most people are not aware of 2. Break down information of how each tracker works, who because trackers seem invisible to the user on the pages they they are and what websites we found them on. appear. Furthermore, this has contributed to a misconception 3. Providing users with the option to opt-out from tracking of what amount of personal information is exposed online, of each individual tracker. because it is more than the eye can see. Ghostery, a browser extension that aims to tackle the problem of showing and 1.2 The Current Situation blocking invisible trackers, have reported a total of about 2,000 trackers on the web [6]. We provide a way for users There are currently several tools that help identify and block to collect data about the trackers and in addition, we have trackers on the web, some of these being Privacy Badger, created a website to visualize the number of trackers found, Ghostery and more recently browsers such as Firefox and on what websites they appear, and who they are.
    [Show full text]
  • ITLT-Safe Browsing.Pdf
    1 Safe browsing - is an ad-blocker extension enough? AIMILIOS TSOUVELEKAKIS IT-DI-CSO IT LIGHTNING TALK – 12/2015 What we would like to avoid... 2 While browsing the Web? 1. Getting infected by malicious advertisement / content 2. Being tracked by marketing services and social networks 3. Getting annoyed by abusive advertisement How Ad-Blockers work? 3 Their purpose is to achieve: Element Hiding . Objects used to serve ads are being blocked automatically . Space on the page taken by ads will now be used for displaying the actual page contents Request Blocking . HTTP requests for retrieving resources that are supposed to be blocked will be prevented from loading . Works through regex expressions / rules that are transformed to regular expressions Benchmarking Blockers! 4 Ad Blockers Tracking Blockers Adblock Plus Adblock Adguard Ublock Origin Disconnect Ghostery Open Source Regex Filters Host Filters Import Lists Hide Element Whitelist Ads Send Statistics Chrome, Firefox, Chrome, Firefox, Browser All Chrome All Chrome, Firefox Opera, Safari Opera, Safari All: Internet Explorer, Edge, Chrome, Firefox, Opera, Safari More on Privacy…and Statistics! 5 Adblock Plus Non- Intrusive Ads Adblock Acceptable Ads Ghostery Statistics Adguard Send Program Statistics Tracking with Cookies 6 1. Your browser gets tagged from the site that you just visited by receiving a cookie 2. You continue browsing a different site which has an area for suggested advertisements (targeted ads) 3. The web page you are currently browsing reads the cookie 4. And… You get a relevant advertisement! 5. The advertisement may be of relevant content OR you may get an advertisement from the site you were browsing just before Malvertisements 7 Malware distributed via advertisements.
    [Show full text]